Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

In this Discussion

osTicket v1.10 (stable) and Maintenance Release v1.9.15 are now available! Go get it now

Osticket in DMZ and LDAP? Security issue?

We would like to access our Osticket from any where, and sure it sounds like a nice idea. But is there any security risk and issue when using LDAP authentication? 

Maybe another solution to use osticket from the outside to inside?

Comments

  • I would personally increase the time out and lower the failed login attempts at Admin panel -> Settings -> Access.  But I dont see it as being any less secure then any other web site.

  • Thanks for the answer. Thumps up.
  • keep in mind unless some sort of encryption is used to authenticate between your clients machines and your network the NTLM auth request, which is what is used to authenticate will not be encrypted. Make sure you look into the details of the auth request for NTLM v 1 & 2 and see if there is encryption setting which you can enable otherwise your users credentials will be sent in plain text and for most organizations that is a risk which is not acceptable.

    I am currently looking into this myself as I am working on a new osTicket install with this as a potential requirement. if I find out anything I will post.
  • Rich,
    any update? we are considering this as well.
    thanks
  • Yea and update would be great.
  • No update on this topic?
Sign In or Register to comment.